Print Security Vulnerabilities and Issues — Print CVE List

MapfishPrint

2 matches found

CVE•added 2020/10/02 7:45 p.m.•80 views

CVE-2020-15232

The CVE-2020-15232 issue affects mapfish-print prior to version 3.24, where XML External Entity (XXE) processing is vulnerable via the SDL parser (DTDs are not disabled), enabling an attacker to inject untrusted entities. Public advisories describe remote XXE exploitation, with remediation statin...

9.3CVSS9.2AI score0.01326EPSS

CVE•added 2020/10/02 7:40 p.m.•76 views

CVE-2020-15231

CVE-2020-15231 affects mapfish-print prior to version 3.24. A JSONP misuse in mapfish-print allows Cross-site Scripting, enabling an attacker to inject and execute arbitrary JavaScript in a user’s browser via JSONP. Remediation per advisories is to upgrade to version 3.24 or later. The connected ...

9.3CVSS6.2AI score0.00792EPSS